[USN-4561-1] Rack vulnerabilities
eduardo.barretto at canonical.com
Wed Sep 30 19:57:39 UTC 2020
Ubuntu Security Notice USN-4561-1
September 30, 2020
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Rack could be made to expose sensitive information over the network.
- ruby-rack: modular Ruby webserver interface
It was discovered that Rack incorrectly handled certain paths. An attacker
could possibly use this issue to obtain sensitive information.
It was discovered that Rack incorrectly validated cookies. An attacker
could possibly use this issue to forge a secure cookie. (CVE-2020-8184)
The problem can be corrected by updating your system to the following
Ubuntu 18.04 LTS:
In general, a standard system update will make all the necessary changes.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the ubuntu-security-announce